DirectoryInfo.GetAccessControl DirectoryInfo.GetAccessControl DirectoryInfo.GetAccessControl DirectoryInfo.GetAccessControl Method

定義

取得目前目錄的存取控制清單 (ACL) 項目。Gets the access control list (ACL) entries for the current directory.

多載

GetAccessControl() GetAccessControl() GetAccessControl() GetAccessControl()

取得 DirectorySecurity 物件,該物件會封裝由目前 DirectoryInfo 物件所描述之目錄的存取控制清單 (ACL) 項目。Gets a DirectorySecurity object that encapsulates the access control list (ACL) entries for the directory described by the current DirectoryInfo object.

GetAccessControl(AccessControlSections) GetAccessControl(AccessControlSections) GetAccessControl(AccessControlSections) GetAccessControl(AccessControlSections)

取得 DirectorySecurity 物件,該物件會封裝由目前 DirectoryInfo 物件所描述之目錄的指定型別存取控制清單 (ACL) 項目。Gets a DirectorySecurity object that encapsulates the specified type of access control list (ACL) entries for the directory described by the current DirectoryInfo object.

備註

使用GetAccessControl方法來抓取目前檔案的存取控制清單(ACL)專案。Use GetAccessControl methods to retrieve the access control list (ACL) entries for the current file.

如需詳細資訊,請參閱如何:新增或移除存取控制清單項目For more information, see How to: Add or Remove Access Control List Entries.

GetAccessControl() GetAccessControl() GetAccessControl() GetAccessControl()

取得 DirectorySecurity 物件,該物件會封裝由目前 DirectoryInfo 物件所描述之目錄的存取控制清單 (ACL) 項目。Gets a DirectorySecurity object that encapsulates the access control list (ACL) entries for the directory described by the current DirectoryInfo object.

public:
 System::Security::AccessControl::DirectorySecurity ^ GetAccessControl();
public System.Security.AccessControl.DirectorySecurity GetAccessControl ();
member this.GetAccessControl : unit -> System.Security.AccessControl.DirectorySecurity
Public Function GetAccessControl () As DirectorySecurity

傳回

DirectorySecurity 物件,封裝目錄的存取控制規則。A DirectorySecurity object that encapsulates the access control rules for the directory.

例外狀況

找不到目錄或無法修改目錄。The directory could not be found or modified.

目錄是唯讀的。The directory is read-only.

-或--or-

這個作業在目前平台不受支援。This operation is not supported on the current platform.

-或--or-

呼叫端沒有必要的使用權限。The caller does not have the required permission.

開啟目錄時發生 I/O 錯誤。An I/O error occurred while opening the directory.

目前的作業系統不是 Microsoft Windows 2000 (含) 以後版本。The current operating system is not Microsoft Windows 2000 or later.

範例

下列範例會使用GetAccessControlSetAccessControl方法來新增和移除目錄中的存取控制清單(ACL)專案。The following example uses the GetAccessControl and SetAccessControl methods to add and then remove an access control list (ACL) entry from a directory.

using namespace System;
using namespace System::IO;
using namespace System::Security::AccessControl;

// Adds an ACL entry on the specified directory for the
// specified account.
void AddDirectorySecurity(String^ directoryName, String^ account, 
     FileSystemRights rights, AccessControlType controlType)
{
    // Create a new DirectoryInfo object.
    DirectoryInfo^ dInfo = gcnew DirectoryInfo(directoryName);

    // Get a DirectorySecurity object that represents the
    // current security settings.
    DirectorySecurity^ dSecurity = dInfo->GetAccessControl();

    // Add the FileSystemAccessRule to the security settings.
    dSecurity->AddAccessRule( gcnew FileSystemAccessRule(account,
        rights, controlType));

    // Set the new access settings.
    dInfo->SetAccessControl(dSecurity);
}

// Removes an ACL entry on the specified directory for the
// specified account.
void RemoveDirectorySecurity(String^ directoryName, String^ account,
     FileSystemRights rights, AccessControlType controlType)
{
    // Create a new DirectoryInfo object.
    DirectoryInfo^ dInfo = gcnew DirectoryInfo(directoryName);

    // Get a DirectorySecurity object that represents the
    // current security settings.
    DirectorySecurity^ dSecurity = dInfo->GetAccessControl();

    // Add the FileSystemAccessRule to the security settings.
    dSecurity->RemoveAccessRule(gcnew FileSystemAccessRule(account,
        rights, controlType));

    // Set the new access settings.
    dInfo->SetAccessControl(dSecurity);
}    

int main()
{
    String^ directoryName = "TestDirectory";
    String^ accountName = "MYDOMAIN\\MyAccount";
    if (!Directory::Exists(directoryName))
    {
        Console::WriteLine("The directory {0} could not be found.", 
            directoryName);
        return 0;
    }
    try
    {
        Console::WriteLine("Adding access control entry for {0}",
            directoryName);

        // Add the access control entry to the directory.
        AddDirectorySecurity(directoryName, accountName,
            FileSystemRights::ReadData, AccessControlType::Allow);

        Console::WriteLine("Removing access control entry from {0}",
            directoryName);

        // Remove the access control entry from the directory.
        RemoveDirectorySecurity(directoryName, accountName, 
            FileSystemRights::ReadData, AccessControlType::Allow);

        Console::WriteLine("Done.");
    }
    catch (UnauthorizedAccessException^)
    {
        Console::WriteLine("You are not authorised to carry" +
            " out this procedure.");
    }
    catch (System::Security::Principal::
        IdentityNotMappedException^)
    {
        Console::WriteLine("The account {0} could not be found.", accountName);
    }
}

using System;
using System.IO;
using System.Security.AccessControl;

namespace FileSystemExample
{
    class DirectoryExample
    {
        public static void Main()
        {
            try
            {
                string DirectoryName = "TestDirectory";

                Console.WriteLine("Adding access control entry for " + DirectoryName);

                // Add the access control entry to the directory.
                AddDirectorySecurity(DirectoryName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Removing access control entry from " + DirectoryName);

                // Remove the access control entry from the directory.
                RemoveDirectorySecurity(DirectoryName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Done.");
            }
            catch (Exception e)
            {
                Console.WriteLine(e);
            }

            Console.ReadLine();
        }

        // Adds an ACL entry on the specified directory for the specified account.
        public static void AddDirectorySecurity(string FileName, string Account, FileSystemRights Rights, AccessControlType ControlType)
        {
            // Create a new DirectoryInfo object.
            DirectoryInfo dInfo = new DirectoryInfo(FileName);

            // Get a DirectorySecurity object that represents the 
            // current security settings.
            DirectorySecurity dSecurity = dInfo.GetAccessControl();

            // Add the FileSystemAccessRule to the security settings. 
            dSecurity.AddAccessRule(new FileSystemAccessRule(Account,
                                                            Rights,
                                                            ControlType));

            // Set the new access settings.
            dInfo.SetAccessControl(dSecurity);

        }

        // Removes an ACL entry on the specified directory for the specified account.
        public static void RemoveDirectorySecurity(string FileName, string Account, FileSystemRights Rights, AccessControlType ControlType)
        {
            // Create a new DirectoryInfo object.
            DirectoryInfo dInfo = new DirectoryInfo(FileName);

            // Get a DirectorySecurity object that represents the 
            // current security settings.
            DirectorySecurity dSecurity = dInfo.GetAccessControl();

            // Add the FileSystemAccessRule to the security settings. 
            dSecurity.RemoveAccessRule(new FileSystemAccessRule(Account,
                                                            Rights,
                                                            ControlType));

            // Set the new access settings.
            dInfo.SetAccessControl(dSecurity);

        }
    }
}

Imports System.IO
Imports System.Security.AccessControl



Module DirectoryExample

    Sub Main()
        Try
            Dim DirectoryName As String = "TestDirectory"

            Console.WriteLine("Adding access control entry for " + DirectoryName)

            ' Add the access control entry to the directory.
            AddDirectorySecurity(DirectoryName, "MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow)

            Console.WriteLine("Removing access control entry from " + DirectoryName)

            ' Remove the access control entry from the directory.
            RemoveDirectorySecurity(DirectoryName, "MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow)

            Console.WriteLine("Done.")
        Catch e As Exception
            Console.WriteLine(e)
        End Try

        Console.ReadLine()

    End Sub


    ' Adds an ACL entry on the specified directory for the specified account.
    Sub AddDirectorySecurity(ByVal FileName As String, ByVal Account As String, ByVal Rights As FileSystemRights, ByVal ControlType As AccessControlType)
        ' Create a new DirectoryInfoobject.
        Dim dInfo As New DirectoryInfo(FileName)

        ' Get a DirectorySecurity object that represents the 
        ' current security settings.
        Dim dSecurity As DirectorySecurity = dInfo.GetAccessControl()

        ' Add the FileSystemAccessRule to the security settings. 
        dSecurity.AddAccessRule(New FileSystemAccessRule(Account, Rights, ControlType))

        ' Set the new access settings.
        dInfo.SetAccessControl(dSecurity)

    End Sub


    ' Removes an ACL entry on the specified directory for the specified account.
    Sub RemoveDirectorySecurity(ByVal FileName As String, ByVal Account As String, ByVal Rights As FileSystemRights, ByVal ControlType As AccessControlType)
        ' Create a new DirectoryInfo object.
        Dim dInfo As New DirectoryInfo(FileName)

        ' Get a DirectorySecurity object that represents the 
        ' current security settings.
        Dim dSecurity As DirectorySecurity = dInfo.GetAccessControl()

        ' Add the FileSystemAccessRule to the security settings. 
        dSecurity.RemoveAccessRule(New FileSystemAccessRule(Account, Rights, ControlType))

        ' Set the new access settings.
        dInfo.SetAccessControl(dSecurity)

    End Sub
End Module

備註

呼叫GetAccessControl這個方法多載相當於呼叫方法多載,並指定存取控制區段(AccessControlSections.Access | AccessControlSections.Group | AccessControlSections.Owner AccessControlSections.Access Or AccessControlSections.Owner在VisualBasic)。 Or AccessControlSections.GroupCalling this method overload is equivalent to calling the GetAccessControl method overload and specifying the access control sections AccessControlSections.Access | AccessControlSections.Owner | AccessControlSections.Group (AccessControlSections.AccessOrAccessControlSections.OwnerOrAccessControlSections.Group in Visual Basic).

GetAccessControl使用方法來抓取目前檔案的存取控制清單(ACL)專案。Use the GetAccessControl method to retrieve the access control list (ACL) entries for the current file.

ACL 會描述在指定檔案或目錄上,擁有或不具有特定動作之許可權的個人和/或群組。An ACL describes individuals and/or groups who have, or do not have, rights to specific actions on the given file or directory. 如需詳細資訊,請參閱如何:新增或移除存取控制清單項目For more information, see How to: Add or Remove Access Control List Entries.

安全性

FileIOPermission
用於列舉目錄存取控制清單(ACL)的許可權。for permission to enumerate an access control list (ACL) for a directory. 安全性動作: DemandSecurity action: Demand. 相關聯的NoAccess列舉:、ViewAssociated enumerations: NoAccess, View

GetAccessControl(AccessControlSections) GetAccessControl(AccessControlSections) GetAccessControl(AccessControlSections) GetAccessControl(AccessControlSections)

取得 DirectorySecurity 物件,該物件會封裝由目前 DirectoryInfo 物件所描述之目錄的指定型別存取控制清單 (ACL) 項目。Gets a DirectorySecurity object that encapsulates the specified type of access control list (ACL) entries for the directory described by the current DirectoryInfo object.

public:
 System::Security::AccessControl::DirectorySecurity ^ GetAccessControl(System::Security::AccessControl::AccessControlSections includeSections);
public System.Security.AccessControl.DirectorySecurity GetAccessControl (System.Security.AccessControl.AccessControlSections includeSections);
member this.GetAccessControl : System.Security.AccessControl.AccessControlSections -> System.Security.AccessControl.DirectorySecurity
Public Function GetAccessControl (includeSections As AccessControlSections) As DirectorySecurity

參數

includeSections
AccessControlSections AccessControlSections AccessControlSections AccessControlSections

其中一個 AccessControlSections 值,指定要接收的存取控制清單 (ACL) 資訊之類型。One of the AccessControlSections values that specifies the type of access control list (ACL) information to receive.

傳回

DirectorySecurity 物件,該物件封裝 path 參數所描述之檔案的存取控制規則。A DirectorySecurity object that encapsulates the access control rules for the file described by the path parameter.

例外狀況Exceptions

例外狀況類型Exception type 條件Condition
SystemException 找不到目錄或無法修改目錄。The directory could not be found or modified.
UnauthorizedAccessException 目前的處理序不具有開啟目錄的存取權。The current process does not have access to open the directory.
IOException 開啟目錄時發生 I/O 錯誤。An I/O error occurred while opening the directory.
PlatformNotSupportedException 目前的作業系統不是 Microsoft Windows 2000 (含) 以後版本。The current operating system is not Microsoft Windows 2000 or later.
UnauthorizedAccessException 目錄是唯讀的。The directory is read-only. -或--or- 這個作業在目前平台不受支援。This operation is not supported on the current platform. -或--or- 呼叫端沒有必要的使用權限。The caller does not have the required permission.

備註

GetAccessControl使用方法來抓取目前檔案的存取控制清單(ACL)專案。Use the GetAccessControl method to retrieve the access control list (ACL) entries for the current file.

ACL 會描述在指定檔案或目錄上,擁有或不具有特定動作之許可權的個人和/或群組。An ACL describes individuals and/or groups who have, or do not have, rights to specific actions on the given file or directory. 如需詳細資訊,請參閱如何:新增或移除存取控制清單項目For more information, see How to: Add or Remove Access Control List Entries.

安全性

FileIOPermission
用於列舉目錄存取控制清單(ACL)的許可權。for permission to enumerate an access control list (ACL) for a directory. 安全性動作: DemandSecurity action: Demand. 相關聯的NoAccess列舉:、ViewAssociated enumerations: NoAccess, View

適用於